Squid Proxy
Collect and parse logs from Squid devices with Elastic Agent.
Version | 0.20.0 (View all) |
Compatible Kibana version(s) | 8.14.1 or higher |
Supported Serverless project types | Security Observability |
Subscription level | Basic |
Level of support | Elastic |
This integration is for Squid device's logs. It includes the following datasets for receiving logs over syslog or read from a file:
logdataset: supports Squid logs.
Log
The log dataset collects Squid logs.
Exported fields
| Field | Description | Type |
|---|---|---|
@timestamp | Event timestamp. | date |
container.id | Unique container id. | keyword |
data_stream.dataset | Data stream dataset. | constant_keyword |
data_stream.namespace | Data stream namespace. | constant_keyword |
data_stream.type | Data stream type. | constant_keyword |
event.dataset | Event dataset | constant_keyword |
event.module | Event module | constant_keyword |
input.type | Type of Filebeat input. | keyword |
log.file.device_id | ID of the device containing the filesystem where the file resides. | keyword |
log.file.fingerprint | The sha256 fingerprint identity of the file when fingerprinting is enabled. | keyword |
log.file.idxhi | The high-order part of a unique identifier that is associated with a file. (Windows-only) | keyword |
log.file.idxlo | The low-order part of a unique identifier that is associated with a file. (Windows-only) | keyword |
log.file.inode | Inode number of the log file. | keyword |
log.file.path | Full path to the log file this event came from. | keyword |
log.file.vol | The serial number of the volume that contains a file. (Windows-only) | keyword |
log.flags | Flags for the log file. | keyword |
log.offset | Offset of the entry in the log file. | long |
log.source.address | Source address from which the log event was read / sent from. | keyword |
squid.content_type | The content type as seen in the HTTP reply header. | keyword |
squid.peer_host | Hostname or IP address where, in the event of a cache miss, the request was forwarded. | keyword |
squid.peer_status | A code explaining how the request was handled, by forwarding it to a peer or going straight to the source. | keyword |
squid.result_code | The outcome of the request. | keyword |
squid.status_code | The status of the result. | long |
Changelog
| Version | Details | Kibana version(s) |
|---|---|---|
0.20.0 | Enhancement View pull request | — |
0.19.3 | Bug fix View pull request | — |
0.19.2 | Enhancement View pull request | — |
0.19.1 | Bug fix View pull request | — |
0.19.0 | Enhancement View pull request | — |
0.18.0 | Enhancement View pull request | — |
0.17.0 | Enhancement View pull request | — |
0.16.0 | Enhancement View pull request | — |
0.15.0 | Enhancement View pull request | — |
0.14.0 | Enhancement View pull request | — |
0.13.0 | Enhancement View pull request | — |
0.12.1 | Enhancement View pull request | — |
0.12.0 | Enhancement View pull request | — |
0.11.2 | Bug fix View pull request | — |
0.11.1 | Bug fix View pull request | — |
0.11.0 | Enhancement View pull request | — |
0.10.1 | Enhancement View pull request | — |
0.10.0 | Enhancement View pull request | — |
0.9.0 | Enhancement View pull request | — |
0.8.0 | Enhancement View pull request | — |
0.7.0 | Enhancement View pull request | — |
0.6.1 | Bug fix View pull request | — |
0.6.0 | Enhancement View pull request | — |
0.5.4 | Enhancement View pull request | — |
0.5.3 | Enhancement View pull request | — |
0.5.2 | Bug fix View pull request | — |
0.5.1 | Bug fix View pull request | — |
0.5.0 | Enhancement View pull request | — |
0.4.3 | Bug fix View pull request | — |
0.4.2 | Enhancement View pull request | — |
0.4.1 | Enhancement View pull request | — |
0.4.0 | Enhancement View pull request | — |
0.3.0 | Enhancement View pull request | — |
0.2.0 | Enhancement View pull request | — |
0.1.4 | Enhancement View pull request | — |
0.1.0 | Enhancement View pull request | — |